Last updated: 26 April 2026
This Privacy Policy explains how 360 QHSE Ltd collects, uses, stores, and protects your personal data when you use the 360 QHSE platform and website.
360 QHSE Ltd ("we", "us", "our") is the data controller responsible for your personal data. We are registered in Scotland and are registered with the Information Commissioner's Office (ICO).
Registered address: Walter Street, Glasgow, G31 3PR, United Kingdom
Data Protection contact: [email protected]
Phone: +44 7368 303370
We collect personal data in the following categories:
| Category | Examples | Purpose |
|---|---|---|
| Account data | Name, email address, job title, company name | Account creation and authentication |
| Usage data | Pages visited, features used, session duration, IP address | Platform improvement and security |
| QHSE records | Incident reports, audit records, risk assessments you create | Providing the core platform service |
| Payment data | Billing name, address, last 4 digits of card (processed by Stripe) | Processing subscription payments |
| Communications | Support emails, demo requests, feedback submissions | Customer support and product development |
| Technical data | Browser type, device type, operating system, cookies | Security, analytics, and performance |
Under UK GDPR, we rely on the following lawful bases:
We do not sell, rent, or trade your personal data. We share data only with trusted third-party processors under written data processing agreements:
| Processor | Purpose | Location |
|---|---|---|
| Stripe Inc. | Payment processing | USA (Standard Contractual Clauses) |
| TiDB Cloud (PingCAP) | Database hosting | EU/UK |
| Google (Gmail SMTP) | Transactional email delivery | EU |
| Tawk.to | Live chat support | USA (Standard Contractual Clauses) |
| Cloudflare | CDN, DDoS protection, DNS | EU/UK |
Where data is transferred outside the UK/EEA, we ensure appropriate safeguards are in place (Standard Contractual Clauses or adequacy decisions).
| Data Type | Retention Period |
|---|---|
| Active account data | For the duration of your subscription |
| QHSE records (incidents, audits, risks) | 7 years after account closure (legal/regulatory requirement) |
| Payment records | 6 years (HMRC requirement) |
| Support communications | 3 years |
| Marketing consent records | Until consent is withdrawn + 1 year |
| Server logs and security data | 90 days |
| Anonymised analytics | Indefinitely (no personal data retained) |
You have the following rights regarding your personal data:
Request a copy of all personal data we hold about you (Subject Access Request).
Ask us to correct inaccurate or incomplete personal data.
Request deletion of your personal data where there is no compelling reason for continued processing.
Ask us to restrict processing of your data in certain circumstances.
Receive your data in a structured, machine-readable format.
Object to processing based on legitimate interests or for direct marketing.
Withdraw consent at any time where processing is based on consent.
Lodge a complaint with the ICO at ico.org.uk or call 0303 123 1113.
To exercise any of these rights, email us at [email protected]. We will respond within 30 days. We may need to verify your identity before processing your request.
We use cookies and similar tracking technologies on our website. For full details of the cookies we use, their purpose, and how to manage them, please see our Cookie Policy.
We implement appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These include AES-256 encryption at rest, TLS 1.3 in transit, role-based access control, and regular security reviews. For full details, see our Security page.
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours and affected individuals without undue delay.
The 360 QHSE platform is a business-to-business service intended for use by organisations and their employees. We do not knowingly collect personal data from individuals under the age of 16. If you believe we have inadvertently collected such data, please contact us immediately at [email protected].
We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email (if you have an account) and update the "Last updated" date at the top of this page. We encourage you to review this policy periodically.
If you have any questions, concerns, or requests relating to this Privacy Policy or our data processing practices, please contact our Data Protection team:
Email: [email protected]
Post: Data Protection, 360 QHSE Ltd, Walter Street, Glasgow, G31 3PR, UK
Phone: +44 7368 303370
You also have the right to lodge a complaint with the UK supervisory authority, the Information Commissioner's Office (ICO), at ico.org.uk.
We use essential cookies to keep you logged in and protect your session. With your consent, we also use analytics cookies to understand how you use our platform and functional cookies to enable live chat support. You can change your preferences at any time. Cookie Policy